Table of Contents
The Genesis Market: 5 Things You Should Know
The Genesis Market is an automated internet marketplace that sells passwords, fingerprints, web platform vulnerabilities, cookies, and other sensitive data to help cybercriminals obtain early access to a victim network.
With hundreds of thousands of digital identities posted, security researchers warn that the Genesis Marketplace has become a one-stop shop for threat actors preparing different cyber-attack strategies.
The five most important facts concerning this underground market are stated below.
1- Unknown Risk: Using Stolen Browser Cookies to Avoid MFA bypass
Not only are stolen credentials at danger, but so are browser cookies for sale, posing a significant account takeover risk.
MFA is a tiered strategy for improving account security on the web, VPN, remote desktop sessions, and nearly any virtual environment.
Users can strengthen their access to online accounts by including extra control mechanisms into the login method, such as a code provided by SMS, therefore preventing a significant share of impersonation assaults.
User experience is a top priority for the majority of digital enterprises. Browser cookies minimize friction once a user logs in to an application, so users do not need to reauthenticate as frequently. User sessions are frequently valid for a longer period of time thanks to cookies.
However, threat actors have devised methods to circumvent this feature by using stolen browser cookies. A threat actor can utilize a stolen session cookie to authenticate web apps, hence evading 2fa because the session is already authenticated.
The Genesis market cookies may then be imported into a control browser. This means they can use the online app for as long as the cookie is active, potentially giving them enough time to move around laterally and access confidential data while performing other actions
2- Up-to-date Statistics
On the Genesis Market, over 460 thousand bots are now for sale. These bots are available in nearly every country. The graph below depicts the bot numbers accessible on the market for various nations.
Changes to your writing are highlighted in orange, and you may make more by clicking on words and replacing them with synonyms. Give it a go!
3- Prices differ by country
Bots that gather cookies and digital fingerprints automatically are available on Genesis Marketplace for a variety of nations, including Italy, the United States, Singapore, France, Australia, and the United Kingdom. Each bot has a number of accounts linked to a hacked server. The Genesis bots range in price from $0.60 to $103.2
4- Stealer Logs for Automated Sales
To collect passwords, cybercriminals employ several attack methods such as the rainbow table, brute-force, and credential stuffing. More technically proficient hackers, on the other hand, make use of the features of info stealer malware families such as Raccoon, AZORult, and RedLine. This virus can be spread by email phishing operations, rogue mobile apps, or a browser plugin. After being infected, the victim system joins the botnet. Logs, files, photos, system settings, IP address, browsing history, cookies, and additional features such as capturing random screenshots are all accessible to the bot’s owner. The stolen data is instantly posted to Genesis Market, where threat actors can access it.
5- The Genesis Marketplace Has Competitors: Russian Market and 2easy
The Genesis Market is not the only area where threat actors may collect cookies, web fingerprinting, and vulnerabilities automatically. Genesis Market’s rivals include 2easy and Russian Market. 2easy is a relatively new and reputable market in which the data sold appears to have been legitimately stolen and buyers are assured that the data has not previously been sold. The Russian Market is also an online market where cyber criminals can gather attack tools and sensitive data.